CLAIMS 

1 1, A digital certification method, comprising 

2 the steps of: 

3 storing, at a first time, a first signature 

4 dependent upon a first user identity and a first user 

5 system in combination; 

6 generating, at a second time subsequent to said 

7 first time, a second signature dependent upon a second 

8 user identity and a second user system in combination; 

9 and 

10 certifying, in dependence upon said first and 

11 second signatures, whether the combination of said 

12 second user identity and said second user system match 

13 the combination of said first user identity and said 

14 first user system, 

1 2. A method according to claim 1, wherein said 

2 step of storing comprises the step of developing said 

3 first signature in dependence upon a first user 

4 identity code and in dependence further upon a first 

5 group of at least one component as present in said 

6 first user system at said first time. 

1 3 . A method according to claim 2 , wherein said 

2 step of developing said first signature comprises the 
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3 step of obtaining said first user identity code in 

4 response to user input, 

1 4. A method according to claim 2, wherein said 

2 step of storing further comprises the step of storing 

3 said first signature accessibly to a certification 

4 server, 

5 and wherein said step of certifying comprises the 

6 step of said certification server developing a 

7 certification result in dependence upon said first and 

8 second signatures. 

1 5. A method according to claim 1, wherein said 

2 second user system is said first user system, 

1 6. A method according to claim 1, wherein said 

2 step of certifying comprises the step of certifying, in 

3 dependence upon said first and second signatures, 

4 whether the combination of said second user identity 

5 and said second user system match the combination of 

6 said first user identity and said first user system, 

7 and further that said second signature was generated at 

8 a time different from said first time. 

1 7. A method according to claim 6, wherein said 

2 step of generating is performed in response to a 
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3 challenge, wherein said second signature is further 

4 dependent iipon said challenge, and wherein said step of 

5 certifying comprises the step of developing a 

6 certification result in dependence upon said first and 

7 second signatures and further in dependence upon said 

8 challenge. 

1 '8, A method according to claim 1, further 

2 comprising the step of providing a challenge code, 

3 wherein said second signature is further 

4 dependent upon said challenge code. 

1 9, A method according to claim 8, wherein said 

2 step of certifying comprises the step of developing a 

3 certification result in dependence upon said first and 

4 second signatures and further in dependence upon said 

5 challenge code. 



1 10. A method according to claim 9, wherein said 

2 step of storing a first signature comprises the step of 

3 storing said first signature accessibly to a 

4 certification server, 

5 wherein said step of providing a challenge code 

6 comprises the step of an inquiring system providing 

7 said challenge code to both said second user system and 

8 said certification server. 
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9 wherein said step of generating a second 

10 signature comprises the step of said second user system 

11 generating said second signature, said second signature 

12 being provided to said certification server, 

13 and . wherein said step of developing a 

14 certification result is performed by said certification 

15 server. 

1 11. A method according to claim 10, wherein said 

2 step of certifying further comprises the step of 

3 providing said certification result to said inquiring 

4 system. 

1 12. A method according to claim 1, wherein said 

2 step of storing a first signature comprises the step of 

3 storing said first signature accessibly to a 

4 certification server, and wherein said first user 

5 system comprises a first group of components, 

6 comprising the steps of: 

7 developing a first component signature of each 

8 respective component in said first group as present in 

9 said first user system at said first time; and 

10 storing said first component signatures 

11 accessibly to said certification server. 
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1 13 . A method according to claim 12, wherein said 

2 second user system comprises a second group of 

3 components, wherein said first signature is different 

4 from said first component signatures, wherein said step 

5 of certifying comprises the step of said certification 

6 server determining, in dependence upon said first and 

7 second signatures, that the combination of said second 

8 user identity and said second user system does not 

9 match the combination of said first user identity and 

10 said first user system, further comprising the steps 

11 of: 

12 developing a second component signature of each 

13 respective component in said second group as present in 

14 said second user system at said second time; and 

15 said certification server comparing said second 

16 comporient signatures with said first component 

17 signatures to determine whether said first and second 

18 user systems satisfy predetermined drift criteria, 

1 \14. A method according to claim 13, wherein said 

2 step of comparing comprises the step of determining 

3 whether a count of the number of said second component 

4 signatures which differ from corresponding first 

5 component signatures exceeds a predetermined maximum 

6 drift number greater than zero. 
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1 15. A method according to claim 13, wherein said 

2 step of certifying further comprises the step of 

3 determining whether said second user identity code is 

4 equal to said first user identity code. 

1 16. A digital certification method, comprising 

2 the steps of: 

3 storing, accessibly to a certification server, a 

4 first ' signature of a first user identity on a first 

5 user system in dependence upon a first user identity 

6 code and in dependence further upon a first group of at 

7 least one component as present in said first user 

8 system at a first time; 

9 at a second time subsequent to said first time, 

10 an inquiring system providing a challenge code to a 

11 second user system and said second user system 

12 developing a second signature in dependence upon a 

13 second user identity code and in dependence further 

14 upon a second group of at least one component as 

15 present in said second user system at said second time; 

16 providing said challenge code and said second 

17 signature to said certification server; and 

18 said certification server developing a 

19 certification result in dependence upon said second 
2 0 signature and a combination of said challenge code and 
21 said first signature. 
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1 17. A method according to claim 16, further 

2 comprising the step of communicating said certification 

3 result to said inquiring system. 

1 18. A digital certification method, comprising 

2 the steps of: 

3 forming, at a first time, a first signature 

4 dependent upon a first user identity and a first user 

5 system in combination; 

6 providing said first signature to a certification 

7 server; 

8 generating, in response to an inquiry from an 

9 inquiring system at a second time subsequent to said 

10 first time, a second signature dependent upon a second 

11 user identity and a second user system in combination; 

12 and 

13 providing said second signature for comparison 

14 with said first signature. 

1 19 . A method according to claim 18, wherein said 

2 step of forming a first signature comprises the step of 

3 developing said first signature in dependence upon a 

4 first user identity code and in dependence further upon 

5 a first group of at least one component as present in 

6 said first user system at said first time. 



Attorney Docket No.:* CRYPlOlOWSW 
/wsw/cryp/1010 . 101 



1 2 0, A method according to claim 19, wherein said 

2 step of developing said first signature comprises the 

3 step of obtaining said first user identity code in 

4 response to user input. 

1 21. A method according to claim 18, wherein said 

2 second user system is said first user system. 

1 22. A method according to claim 18, wherein said 

2 second signature is further dependent upon said 

3 inquiry. 

1 23. A method according to claim 18, wherein said 

2 second user system receives a challenge code in 

3 conjunction with said inquiry, 

4 and wherein said second signature is further 

5 dependent upon said challenge code. 

1 24, A method according to claim 18, wherein said 

2 first user system comprises a first group of 

3 components, 

4 comprising the steps of: 

5 developing a first component signature of each 

6 respective component in said first group as present in 

7 said first user system at said first time; and 
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8 providing said first con^onent signatures to said 

9 certification server. 

1 25. A method according to claim 24, wherein said 



2 second user system comprises a second group of 

3 components, wherein said first signature is different 

4 from said first component signatures, and wherein the 

5 combination of said second user identity and said 

6 second user system does not match the combination of 

7 said first user identity and said first user system, 

8 further comprising the steps of: 

9 developing a second component signature of each 

10 respective component in said second group as present in 

11 said second user system at said second time; and 

12 providing said second component signatures for 

13 comparison with said first component signatures. 

1 26. A digital certification method, comprising 

2 the steps of: 

3 providing a challenge code to a user system in 

4 response to a request for authorization for said user 

5 systeir^; 

6 receiving a real time signature from said user 

7 system after said step of providing a challenge code; 

8 providing said challenge code and said real time 

9 signature to a certification server; and 
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10 receiving a certification result from said 

11 certification server after said step of providing said 

12 challenge code and said real time signature to said 

13 certification seirver* 

1 27. A method according to claim 26, wherein said 

2 real time signature is dependent upon a first user, 

3 identity and said user system in combination. 



1 28. A method according to claim 27, wherein said 

2 real time signature is further dependent upon said 

3 challenge code. 

1 29. A digital certification method, comprising 

2 the steps of: 

3 storing accessibly to a certification server, at 

4 a first time, a first signature dependent upon a first 

5 user identity and a first user system in combination; 

6 receiving, at a second time subsequent to said 

7 first time, a second signature dependent upon a second 

8 user identity and a second user system in combination; 

9 and 

10 certifying, in dependence upon said first and 

11 second signatures, whether the combination of said 

12 second user identity and said second user system match 
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13 the combination of said first user identity and said 

14 first user system* 

1 3 0. A method according to claim 29, wherein said 

2 second user system is said first user system, 

1 31, A method according to claim 29, wherein said 

2 step of certifying comprises the step of certifying, in 

3 dependence upon said first and second signatures, 
03 4 whether the combination of said second user identity 
Ijl 5 and said second user system match the combination of 
rij 6 said first user identity and said first user system, 
ij] 7 and that said second signature was generated at a time 

8 different from said first time. 

o 

1 32. A method according to claim 29, further 

2 comprising the step of receiving, in conjunction with 

3 said step of receiving a second signature, a copy of a 

4 challenge code, 

5 wherein said second signature is further 

6 dependent upon said challenge code. 

1 3 3. A method according to claim 32, wherein said 

2 step of certifying comprises the step of developing a 

3 certification result in dependence upon said first and 
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4 second signatures and further in dependence upon said 

5 challenge code. 

1 34, A method according to claim 29, wherein said 

2 step .of certifying further comprises the step of 

3 providing a certification result to an inquiring 

4 system. 



1 35. A method according to claim 29, wherein said 

2 first user system comprises a first group of 

3 components, comprising the steps of: 

4 receiving a first component signature of each 

5 respective component in said first group as present in 

6 said first user system at said first time; and 

7 storing said first component signatures 

8 accessibly to said certification server. 

1 35. A method according to claim 35, wherein said 



2 second user system comprises a second group of 

3 components, wherein said first signature is different 

4 from said first component signatures, wherein said step 

5 of certifying comprises the step of said certification 

6 server determining, in dependence upon said first and 

7 second signatures, that the combination of said second 

8 user identity and said second user system does not 

9 match the combination of said first user identity and 
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lo said first user system, further comprising the steps 

11 of: , 

12 receiving a second component signature of each 

13 respective component in said second group as present in 

14 said second user system at said second time; and 

15 said certification server comparing said second 

16 component signatures with said first component 

17 signatures to determine whether said first and second 

18 user systems satisfy predetermined drift criteria. 

1 r''^ ' ^ method according to claim 36, wherein said 

2 step of comparing comprises the step of determining 

3 whether a count of the number of said second component 

4 signaturet^ which differ from corresponding first 

5 component signatures exceeds a predetermined maximum 

6 drift number greater than zero. 

1 3 8. A method according to claim 36, wherein said 

2 step of certifying further comprises the step of 

3 determining whether said second user identity code is 

4 equal to said first user identity code. 
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